package com.rookie.shiro.module.config;

import com.rookie.shiro.module.util.WebUtils;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import java.io.IOException;

/**
 * @author rookie
 */
public class PermFailFilter extends PermissionsAuthorizationFilter {

    /**
     * 如果未登录会重定向到登录页面，所以要重写次方法
     */
    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException {

        Subject subject = getSubject(request, response);
        if (subject.getPrincipal() == null) {
            //请求异常
            WebUtils.errorJson("异常", response);
        } else {
            WebUtils.errorJson("无权限", response);
        }
        return false;
    }
}
